Porn users tricked in cyber extortion

Cameron Houston -Aug 18, 2013

Illustration: Matt Golding.

HUNDREDS of Australians accessing pornography online have been caught - some quite literally - with their pants down by cyber criminals who fraudulently claim to be members of the Australian Federal Police.

Using viruses known as ransomware, foreign gangs are filming users of adult websites by activating the webcams on their private computers.

The viruses lock the desktop and post an incriminating image of the person on their screen, before warning they have breached federal laws relating to child pornography, copyright or privacy.

The victims are instructed by the hackers to pay a fine of $100 or $199 using a credit card or money transfer service. If credit card details are handed over, further frauds often occur. If the fine is not paid within 72 hours, data files on the computer can be encrypted or wiped.

The AFP and Australian Competition and Consumer Commission have been inundated with calls from victims of ransomware, which include the ukash, reveton and trojan.ransomlock viruses.

''We've taken some very interesting calls; some people are very open, while others swear they have been hacked while using Facebook.

''We had one bloke who was almost in tears, because they were caught in their underpants,'' said an AFP source.

Originating in Russia in 2009, the virus has swept through western Europe, Canada and the United States, using different logos of local law enforcement agencies to lend credibility to the scam.

AFP cybercrime operations manager Commander Glen McEwan has issued several warnings about ransomware, which has evolved over the past six months to evade detection by some anti-virus software, spam filters and firewalls.

''Unfortunately, members of the public are still being affected by this scam. The Australian community is reminded that the AFP does not solicit funds and this message is not associated with the AFP in any way,'' Commander McEwan said.

He urged victims to report any cyber fraud to the ACCC website SCAMwatch.

The Australian Crime Commission recently identified ransomware as a new frontier for cyber gangs and an emerging threat to Australia's 12 million internet subscribers.

''Organised crime groups without strong technological skills are able to obtain ready-made malicious software packages online, to help them commit a range of offences, or there are those who will provide packages to organised crime for a fee,'' according to an ACC report released last month.

In February 2013, Spanish police and Europol arrested 11 people linked to a global ransomware operation, including a 27-year-old Russian man suspected of creating and distributing the virus.

Sean Kopelke, technology director with IT security firm, Symantec, has identified 16 different versions of malware linked to organised crime gangs in Russia, Europe and the Middle East.

A recent Symantec study of one virus found that 68,000 computers were infected within a month with 2.9 per cent of those ensnared by the scam, making payments of almost $400,000.

Mr Kopelke said the viruses were often spread through advertisements on adult websites. He urged internet users to regularly upgrade security software, exercise caution with unfamiliar websites and avoid opening links or advertisements from unsolicited sources.

''If you do get caught, accept these are fake and the AFP is not monitoring your computer. Stop using your computer and research the virus. There are programs online that can be loaded on a USB stick to remove malware,'' Mr Kopelke said.